Law Enforcement Agencies Demanded Cell Phone User Info Far More Than 1.3 Million Times Last Year

Yesterday, Rep. Ed Markey (D-MA) revealed that federal, state and local law enforcement agencies have made an astounding 1.3 million demands for user cell phone data in the last year, “seeking text messages, caller locations and other information.” The New York Times called the new findings proof of “an explosion in cellphone surveillance” in the United States—much of it done without a warrant. Worse, the eye-popping figure is actually a significant underestimate; the actual number is “almost certainly much higher" than reported, according to the Times:

Because of incomplete record-keeping, the total number of law enforcement requests last year was almost certainly much higher than the 1.3 million the carriers reported to Mr. Markey. Also, the total number of people whose customer information was turned over could be several times higher than the number of requests because a single request often involves multiple callers. For instance, when a police agency asks for a cell tower “dump” for data on subscribers who were near a tower during a certain period of time, it may get back hundreds or even thousands of names.

This information comes on the heels of an ACLU report showing over 200 local law enforcement agencies admitted to regularly demanding cell phone location data from companies with little or no court oversight. The lack of court oversight is all the more disturbing considering we now know:

“AT&T alone now responds to 230 emergency requests a day nationwide — triple the number it fielded in 2007.”

Sprint alone processed more the 500,000 requests last year, in which only a subpoena was used.

A third party company called Neustar handles law enforcement compliance for about 400 phone and Internet companies.

It is a recipe for a privacy disaster. It's now clear cell phone companies and Congress have to work together on two things:

Given how much information has been requested on millions of cell phone users, and how long companies keep that information, these companies need to release regular transparency reports. Wired’s David Kravets wrote an open letter to the major carriers asking for the same last month. Customers have the right to know how many requests governments make each year, what type of court oversight they have (i.e. do they have a warrant), and how many are complied with.

Remember, the type of information law enforcement is requesting is kept by the phone companies for years at a time. A previous ACLU Freedom of Information Act request revealed, “Verizon keeps that data on a one-year rolling basis; T-Mobile for ‘a year or more;’ Sprint up to two years, and AT&T indefinitely.” The companies themselves should publish the current numbers and set much shorter limits on data retention to ensure customers’ private information stays protected.

The cell phone company numbers also show vital it is that Congress immediately step in and pass robust privacy legislation mandating a warrant for cell phone subscriber, cell tower and GPS data. Remember this data is extremely precise, as your cell phone sends your location back to cell phone towers every seven seconds—whether you are using your phone or not—giving police a virtual map of where you are 24/7. As the DC Circuit explained in 2010, a map of one’s travels can reveal the most intimate details of one’s life:

“[a] person who knows all of another’s travels can deduce whether he is a weekly church goer, a heavy drinker, a regular at the gym, an unfaithful husband, an outpatient receiving medical treatment, an associate of particular individuals or political groups—and not just one such fact about a person, but all such facts.”

Commendably, Mr. Markey told the New York Times that he and other members of Congress are working on legislation that would draw a clearer line on how the police can get access to such data. Mr. Markey likened the requests to “digital dragnets” and said, “There’s a real danger we’ve already crossed the line”.

In April, the House held a hearing on a bill that would require a warrant for location data, which EFF believes is sorely needed.

We hope this news will also cause the Obama administration to stand up for privacy and drop their objections to such law. They have previously argued before Congress that it’s “burdensome” to require law enforcement to get a warrant for such personal information. EFF believes they should be standing up for the Constitution and the Fourth Amendment instead.

Related Updates

The government recently revealed for the first time that federal agents maintained an open investigation of our client, Academy Award-winning documentary filmmaker Laura Poitras, for six years despite never finding any evidence that she committed a crime or was a threat to national security. Coming up empty handed after...

EFF Senior Staff Attorney Jennifer Lynch and Investigative Researcher Dave Maass last night received the First Amendment Coalition’s 2017 Free Speech & Open Government Award in recognition for their work bringing transparency and accountability to law enforcement’s collection and use of automated license plate...

A bill to extend one of the NSA’s most powerful surveillance tools, and further peel back American civil liberties, was approved today by the House Permanent Select Committee on Intelligence in a strict party line vote (12-8), with Republican members voting in the majority. The committee and the public had...

Thrown last-minute into a torrent of competing legislation, a new bill meant to expand the NSA’s broad surveillance powers is the most recent threat to American privacy. It increases who is subject to surveillance, allows warrantless search of American communications, expands how collected data can be used, and treats constitutional...

Washington, D.C. - The Electronic Frontier Foundation (EFF) filed suit against the Department of Justice, the Department of Commerce, and the Department of Homeland Security today, demanding records about the agencies’ work on the federal Tattoo Recognition Technology program. This secretive program involves a coalition of government, academia, and...

Securely browsing the Internet—even when you know what you’re doing—is tough. That’s partly why, nearly seven years ago, EFF worked together with The Tor Project to develop a privacy tool called HTTPS Everywhere, which automatically provides users with secure, encrypted connections to websites when available. While HTTPS Everywhere can be...

Millions of users are trying to protect their privacy from commercial tracking online, be it through their choice of browser, installation of ad and tracker blocking extensions, or use of a Virtual Private Network (VPN). This guide focuses on how to correctly configure the blocking extension in your browser to...

Today we’re launching a new version of Panopticlick, an EFF site which audits your browser privacy protection. Conceived to raise awareness about the threat of device fingerprinting, Panopticlick was extended in December 2015 to check for protection against tracking by ads and invisible beacons. This new update...

Take the language of one NSA surveillance reauthorization bill and add a few strong reform proposals from another, and what do you get? A bill that helps protect Americans from the warrantless search of the content of their emails, text messages, and digital communications. On November 17, Senators Patrick Leahy...

Three years ago, EFF exposed how hundreds of law enforcement agencies were putting families at risk by distributing free ComputerCOP “Internet safety” software that actually transmitted keystrokes unencrypted to a third-party server. Our report also raised serious questions about whether the company was deceiving government agencies by circulating a...